The OAuth authorisation module allows for registering different client applications, which enables having a different authorisation policy for different clients.
See the page OAuth authorisation and authentication for details on how to implement authorisation and authentication in your client application.
Every client has a clientSecret, one or more grant types (how a client can get an access token), and one or more allowed redirect URIs.
These can be configured in the Grails configuration file .grails/transmartConfig/Config.groovy in the
In recent versions of tranSMART, including the just_rest branch, which use a newer version of the OAuth plugin, the clients are registered in a separate database. Nevertheless, on startup the application will sync the contents of that configuration key.
The scopes property is currently not used.
The authorizedGrantTypes property can have the following values:
|The authentication server will return an authorization code, which can be used to obtain an access token|
|Allows for |
|Allows for refreshing the access token using a refresh token. The refresh token is received together with the |
|Allows for passing |
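A review of client registrations before they are deployed, as an added example that is not part of the original page or of the tranSMART code base. It assumes each client is a dictionary; the keys `clientId` and `redirectUris` are assumed names, the grant type names are the standard OAuth 2.0 ones, and the sample clients are constructed.

```python
from urllib.parse import urlparse

# Standard OAuth 2.0 grant type names (RFC 6749), not copied from this page.
KNOWN_GRANTS = {"authorization_code", "implicit", "refresh_token",
                "password", "client_credentials"}
REDIRECT_GRANTS = {"authorization_code", "implicit"}

def audit_client(client):
    """Return a list of findings for one client registration (a dict)."""
    findings = []
    cid = client.get("clientId", "")                 # assumed key name
    secret = client.get("clientSecret") or ""
    grants = set(client.get("authorizedGrantTypes", []))
    uris = client.get("redirectUris", [])            # assumed key name
    if not secret:
        findings.append("no clientSecret")
    elif secret == cid:
        findings.append("clientSecret equals clientId")
    if not grants:
        findings.append("no grant types")
    for g in sorted(grants - KNOWN_GRANTS):
        findings.append(f"unknown grant type: {g}")
    if grants & REDIRECT_GRANTS and not uris:
        findings.append("redirect-based grant without redirect URI")
    if grants == {"refresh_token"}:
        # A refresh token is only issued alongside an access token.
        findings.append("refresh_token is the only grant")
    for uri in uris:
        host = urlparse(uri).hostname
        if "*" in uri:
            findings.append(f"wildcard redirect URI: {uri}")
        elif uri.startswith("http://") and host not in ("localhost", "127.0.0.1"):
            findings.append(f"plain-http redirect URI: {uri}")
    return findings

# Constructed sample registrations, not taken from any real deployment.
CLIENTS = [
    {"clientId": "demo-app", "clientSecret": "demo-app",
     "authorizedGrantTypes": ["authorization_code", "pasword"],
     "redirectUris": ["http://portal.example.org/callback"]},
    {"clientId": "portal", "clientSecret": "placeholder-long-random-value",
     "authorizedGrantTypes": ["authorization_code", "refresh_token"],
     "redirectUris": ["https://portal.example.org/oauth/callback"]},
]

def audit_all(clients):
    return {c.get("clientId", "?"): audit_client(c) for c in clients}

if __name__ == "__main__":
    for cid, found in audit_all(CLIENTS).items():
        print(cid, found or "ok")
```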
The following code has optional settings you can use to influence whether the refresh token should be reused and the expiration times of the tokens. You can put it near the end of the generated out-of-tree Config.groovy (~<tomcat user>/.grails/transmartConfig/Config.groovy).